Hey,
So I’m not the best PHP programmer and I only do it for personal projects etc, I’ve written this code but I don’t feel it functions anywhere near as efficiently as it should even though it works as intended.
Can someone assist me to rewrite the RunQuery function as it’s hideous.
The code:
[php]
<?PHP error_reporting(0); $Database = new mysqli('localhost', 'XX', 'XX', 'XX'); $ValidHWIDs = array("X1", "X2", "X3"); $validCommands = array("GetUsers","Password"); $Identifier = $_POST['HWID']; $Command = $_POST['CMD']; $Username = $_POST['USER']; $GLOBALS['QueryResult'] = 0; if(!in_array($Command, $validCommands)) die('Invalid Request!'); if(!in_array($Identifier, $ValidHWIDs)) die('BAD'); if($Database->connect_errno > 0) die('Service is currently offline!'); switch($Command) { case"GetUsers": $HWID=$Database->real_escape_string(str_replace(' ', '', $Identifier)); $Permissions = RunQuery("SELECT AccessLevel FROM Users where HWID='$HWID'", $Database, FALSE); $UserQuery = "SELECT user FROM accounts where AccessLevel <= $Permissions"; echo RunQuery($UserQuery, $Database, TRUE); break; case"Password": $Username = $Database->real_escape_string($Username); $Query = "SELECT pass FROM accounts where user = '$Username'"; return RunQuery($Query, $Database, FALSE); } function RunQuery($SQL, $Database, $ReturnType) { if($result = mysqli_query($Database, $SQL)) { while($row = mysqli_fetch_row($result)) { if ($ReturnType) { print_r($row[0] . "\r\n"); } elseif (!$ReturnType) { echo $row[0]; return $row[0]; } } mysqli_free_result($result); } } function Write($Request) { file_put_contents("UserRequests", $Request); } ?>[/php]
I’m not asking for code to simply copy/paste, I would like to learn through guidance.
Thanks,
Eastwood